Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Found coworker at my pc with usb drive plugged in and strange programs


  • Please log in to reply
3 replies to this topic

#1 SteveNew1

SteveNew1

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:57 PM

Posted 17 February 2015 - 09:03 PM

Hi. So this is a strange situation, I was on the phone today while at work and stepped away from my desk and my work laptop. While I was gone I found a coworker sitting at my desk with a usb drive plugged in. I was finishing up the call and kinda nonverbal said "what the hell are you doing" before he quickly seemed to close out of stuff. I got off the phone and he said his computer was messed up and he had to check the thumb drive... It was very strange and left me feeling uncomfortable.

 

I am at home now and used my personal computer to download this program called LastActivityView which shows a log of activities and sure enough during the time I was on the phone a number of executables appeared.

 

I tried to Google the names of the files but really have not came up with much but some of them could be from a Windows update? Here is a pic of the Activity log below.

 

I was on the phone from 1:20pm until 1:29pm. I am absolutely certain of that and I did not touch my computer during those times. So the last program that I used was the PDF application at 1:19:11 pm and then the next time I used it was 1:30:18pm.

 

Can anyone please tell me how to figure out what happened? It makes me feel very uncomfortable and violated but I can not make much of a claim with out definitive proof. Thanks!

 

1nP07WR.png

 

 

 

EDIT: I blanked out some personal info in the pic with the orange boxes.


Edited by SteveNew1, 17 February 2015 - 09:15 PM.


BC AdBot (Login to Remove)

 


#2 jburd1800

jburd1800

  • Members
  • 565 posts
  • OFFLINE
  •  
  • Local time:06:57 PM

Posted 17 February 2015 - 09:24 PM

If this is a work computer, you might be better off taking the issue to the work I T person...


“May the sun bring you new energy by day, may the moon softly restore you by night, may the rain wash away your worries, may the breeze blow new strength into your being, may you walk gently thorugh the world and know it's beauty all the days of your life.”


#3 SteveNew1

SteveNew1
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:57 PM

Posted 17 February 2015 - 09:25 PM

We do not really have an internal IT guy. It is something I have considered but I'm not sure how to say, hey can we pay to have the IT people come out and check if so and so installed somekinda of logger on my pc?



#4 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:57 PM

Posted 18 February 2015 - 06:53 AM

In this situation (unauthorized access of your computer involving the possible introduction of malicious files) you absolutely want to have your IT team (whether it's internal or an outsourced group) to handle this for several reasons. First, if this is a malicious attack you may have other machines on your network compromised as well, so this may be a bigger issue affecting the company as a whole. Second, you need to maintain a proper chain of custody for evidence for any legal or administrative action.

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users